General

  • Target

    e74bad9ad34ec6604fe19b1530e90e0cd7e67ace71e88261e1ca42c78df18f84N.exe

  • Size

    2.6MB

  • Sample

    241113-zfk2eayerf

  • MD5

    200eff4817f6014ed2444b32addfd0e0

  • SHA1

    9a686a15139acf0b52003b56acc28a0c5d64614b

  • SHA256

    e74bad9ad34ec6604fe19b1530e90e0cd7e67ace71e88261e1ca42c78df18f84

  • SHA512

    4f8c1aa350fcf29a6a29b4305dce42175e5c79c931b6e6a48e035dba2f33983f03f9c00e611030edf0d083a13188a9b4c730baf3d6ee24e627414eee57937c61

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBXB/bS:sxX7QnxrloE5dpUp0b

Malware Config

Targets

    • Target

      e74bad9ad34ec6604fe19b1530e90e0cd7e67ace71e88261e1ca42c78df18f84N.exe

    • Size

      2.6MB

    • MD5

      200eff4817f6014ed2444b32addfd0e0

    • SHA1

      9a686a15139acf0b52003b56acc28a0c5d64614b

    • SHA256

      e74bad9ad34ec6604fe19b1530e90e0cd7e67ace71e88261e1ca42c78df18f84

    • SHA512

      4f8c1aa350fcf29a6a29b4305dce42175e5c79c931b6e6a48e035dba2f33983f03f9c00e611030edf0d083a13188a9b4c730baf3d6ee24e627414eee57937c61

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBXB/bS:sxX7QnxrloE5dpUp0b

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks